0.17.0 iOS + Android
Common Changes
WARNING: This version of SDK requires PowerAuth server 0.16.1
or higher, but the 0.17.0
is recommended. Check our product release matrix for more details.
- We have removed
encryption
field from our model objects used for networking. This change should be transparent from clients side. - The C++ core now contains methods for an activation code validation and parsing. This affects both platforms, but doesn't break an existing interface contracts.
- Added method for validating data received from the server. The data signature must be calculated with the master server private key.
- Finalized "offline" signatures. The offline signatures are now officially supported in the SDK
- Added support for token based authentication. Please visit our wiki page for powerauth-crypto for more information about this new feature.
- The low level C++ Session object is now thread safe. It is still recommended to use a high level
PowerAuthSDK
from one thread only (typically dedicated for UI), but now, the internal mutex guarantees, that the session's state is always consistent. - The low level C++ code is now able to migrate session data produced in very old, non-opensource version of the PowerAuth mobile library. That library is history, but one of our clients has still a significant number of active users using that very old code, so we decided to help them with the migration.
Android Changes
- Updated networking model classes to
io.getlime.security:powerauth-restful-model:0.17.1
. - Added various validation methods to
OtpUtil
class. For example, you can useOtpUtil.validateAndCorrectTypedCharacter(character)
to check and autocorrect characters during the manual activation code editing. - You can now use
PowerAuthSDK.offlineSignatureWithAuthentication()
interface for offline signatures calculation. - You can now use
PowerAuthSDK.verifyServerSignedData()
to verify, whether the data has been signed with master server private key. - Added
PowerAuthSDK.getTokenStore()
method to access a new facility for calculating tokens. You can use a newly createdPowerAuthToken
&PowerAuthTokenStore
classes for calculating token-based authentication headers. PowerAuthAuthorizationHttpHeader
class is now used also for token based headers, so you can use it'skey
property to get the right HTTP header's name.
IOS Changes
- Added various validation methods to
PA2OtpUtil
interface. For example, you can usePA2OtpUtil.validateAndCorrectTypedCharacter(character)
to check and autocorrect characters during the manual activation code editing. - Added debug description method implementation to following classes:
PA2ActivationStatus
,PA2ActivationResult
,PA2Error
,PA2ErrorResponse
,PA2OperationTask
. This change helps with debugging but it's available only whenPowerAuth2-Debug
pod is used. - Removed
PA2Session.lastErrorCode
due to problematic thread safety. Theenum PA2CoreErrorCode
is now deprecated and will be moved to private headers in some future release of the SDK. The enumeration had always only a debugging value, so you suppose to not use it for your own purposes. You can used a DEBUG build of the library to get the detailed log about the problem. - You can now use
PowerAuthSDK.offlineSignature()
interface for offline signatures calculation. - You can now use
PowerAuthSDK.verifyServerSignedData()
to verify, whether the data has been signed with master server private key. - Added
PowerAuthSDK.tokenStore
property to access a new facility for calculating tokens. Then, you can use a newly createdPowerAuthToken
&PowerAuthTokenStore
interfaces for calculating token-based authentication headers. PA2AuthorizationHttpHeader
class is now used also for token based headers, so you can use it'skey
property to get the right HTTP header's name.PA2AuthorizationHttpHeader
has itsvalue
property now declared asnonnull
. This change might cause a couple of warnings in swift codes due to fact, that you previously had to handle nullability of that property. We can guarantee that if you get the header object, then it always has a valid "value". The interface's designated intializer is now private, so it's no longer to possible create a header object just with value.- Removed an import for
<UIKit/UIKit.h>
from SDK's public header. This is a minor change, but may cause a lot of troubles due to fact, that the application is typically importing our PowerAuth SDK in its bridging header. The imports from bridging header are visible for the whole module so for previous versions of the library you didn't need to import UIKit at all. The quick fix for this change is to add an import for UIKit to your bridging header, but we recommend to add a proper imports to all your affected swift files. - Removed private constant
PA2KeychainKey_SessionState
. The value is no longer used in the SDK internals, so if your code depends on it, you can use following string constant as a replacement:"PA2KeychainKey_SessionState"
- When custom activation fails, then the returned
NSError
contains additional information about the failure. You can use following keys toerror.userInfo
dictionary:PA2ErrorInfoKey_ResponseData
to getNSData
with response body, if that data is availablePA2ErrorInfoKey_AdditionalInfo
to get JSON parsed from response body, if it's possible to parse that data